Adobe has revoked the code signing certificate for all code signed after 10 July this year following an attack it announced last week.
The software company was issuing updates signed using a new digital certificate for all affected products.
Microsoft malware protection centre lead security researcher Tanmay Ganacharya said it has been tracking the issue closely.
Telemetry showed the issue was not prevalent and was being used only in only highly targeted attacks.
Adobe senior engineering director Brad Arkin said Adobe was hit by an attack that impacted its digital certificate code signing infrastructure and led to at least two malicious utilities being signed.
Arkin said that the certificate runs on the Windows platform and three Adobe Air applications that run on both Windows and Macintosh. It has revoked all software code signed after 10th July 2012 and has decommissioned the existing Adobe code signing infrastructure.
_(23).jpg&h=140&w=231&c=1&s=0)
_(28).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0){kind=logo}
iTnews Executive Retreat - Security Leaders Edition
iTnews Benchmark Awards 2026
iTnews Cloud Covered Breakfast Summit
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
